An assertion violation was triggered.

[code423n4]

Lines of code

https://github.com/code-423n4/2023-02-ethos/blob/main/Ethos-Core/contracts/TroveManager.sol#L417 https://github.com/code-423n4/2023-02-ethos/blob/main/Ethos-Core/contracts/TroveManager.sol#L1279 https://github.com/code-423n4/2023-02-ethos/blob/main/Ethos-Core/contracts/TroveManager.sol#L1342 https://github.com/code-423n4/2023-02-ethos/blob/main/Ethos-Core/contracts/TroveManager.sol#L1348 https://github.com/code-423n4/2023-02-ethos/blob/main/Ethos-Core/contracts/TroveManager.sol#L1489 https://github.com/code-423n4/2023-02-ethos/blob/main/Ethos-Core/contracts/RedemptionHelper.sol#L128

Vulnerability details

Impact

It is possible to trigger an assertion violation in the functions:

• function _liquidateRecoveryMode(IActivePool,IDefaultPool,address,address,uint,uint, uint,uint,uint256) by using assert() in
  TroveManager.sol#L417: assert(_LUSDInStabPool != 0);

• function _closeTrove(address, address , Status) by using assert() in
  TroveManager.sol#L1279: assert(closedStatus != Status.nonExistent && closedStatus != Status.active);

• function _removeTroveOwner(address, address, uint) by using assert() in TroveManager.sol#L1342: assert(troveStatus != Status.nonExistent && troveStatus != Status.active); TroveManager.sol#L1348: assert(index <= idxLast);

• function decayBaseRateFromBorrowing() by using assert() in TroveManager.sol#L1489 : assert(decayedBaseRate <= DECIMAL_PRECISION);

• function redeemCollateral(address,address,uint256,address,address,address,uint256,uint256,uint256) by using assert() in
  RedemptionHelper.sol#L128: assert(lusdToken.balanceOf(_redeemer) <= totals totalLUSDSupplyAtStart);

Proof of Concept

https://swcregistry.io/docs/SWC-110

Tools Used

Mythx

Recommended Mitigation Steps

use require() instead of assert()

[c4-judge]

trust1995 marked the issue as unsatisfactory: Invalid